DEV Community

Cover image for An introduction to RESTful APIs
Alicia Marianne
Alicia Marianne

Posted on • Edited on

An introduction to RESTful APIs

Do you know what is an API? And how to test it? What kind of test that you can do when testing it? Tools that can help you to test it? How put this in your development process? So, to help you my dear padawan, i've create this serie: Deep Dive into API testing.
Basically, will be a serie of articles, publish every week related to API tests(RESTful). During this weeks, we'll discuss and learn about:

  • What is an API
  • What kind of tests we can do in an RESTful API
  • Tools that can be used to tests(Postman)
  • How to use famous frameworks to automate our tests, like cypress, rest assured, python
  • How run this tests in a Pipeline and get results

Starting this week, we'll discuss the main concepts to help us in this journey, like:

What is an API

An application programming interface (API) defines the rules that you must follow to communicate with other software systems. Developers expose or create APIs so that other applications can communicate with their applications programmatically. For example, the timesheet application exposes an API that asks for an employee's full name and a range of dates. When it receives this information, it internally processes the employee's timesheet and returns the number of hours worked in that date range.

In a few words, we can say that a Web API is an gateway that manage the communication between the User Interface and the Server.

Basic Architecture

What is REST

Representational State Transfer (REST) is a software architecture that imposes conditions on how an API should work. REST was initially created as a guideline to manage communication on a complex network like the internet.

The principles of REST architectural style:

  • Uniform interface
  • Statelessness
  • Layered System
  • Code on demand

The benefits of RESTful APIs are: Scalability, Flexibility and Independence. You can learn more here

Common HTTP methods

An HTTP(Hypertext Transfer Protocol) method tells the server what it needs to do to the resource. The following are the common HTTP methods:

  • GET: this method bring the data from the database, is possible to pass parameters to filter the data before sending as well.
  • POST: this method send data to server and create this data in the database.
  • PUT and PATCH: Both of this methods update the data on the database. The main difference between PUT and PATCH is that the with the PUT method, is possible to create a new data if it doesn't exist, the PATCH method only allow update exist data.
  • DELETE: Delete a data from database.

Why test APIs

How the API is responsible to manage the communication between the UI and the Server, make sure that this API is working is very important when we think in software development.
When you have an API bringing a wrong status code or wrong response, the final user for sure will be impacted. This is one of the problems that we can find when an API is not working as expected, in the worst scenario, sensitive data can be exposed.

Type of tests

Knowing the importance to test an API, let's see the most common type of tests for APIs:

  • Integration Testing: This type of test is to make sure that the API is working correctly and validate if the integrations with databases or other external services are working as expected.
  • Functional Testing: In this test, we ensure that the API functions are respecting the documented specifications and requirements.
  • Regression Testing: Ensure that recent code changes haven't broken existing API functionality.
  • Security Testing: Identify and address security vulnerabilities and ensure that the API is protected against common threats. Test for issues like SQL injection, Cross-Site Scripting (XSS), authentication flaws, and improper data handling.
  • Performance Testing: We test how the behavior of the API when we do a lot of requests. For this test, we can validate how the API respond when we have the load expected, more than expected and the endurance of the API when is called for extended periods.
  • Stress Testing: The goal of Stress testing is measuring software on its robustness and error handling capabilities under extremely heavy load conditions and ensure that software doesn’t crash under crunch situations.
  • Load Testing: Evaluate the API's performance under heavy loads to identify bottlenecks and optimize its scalability.

Tools and Frameworks used in API tests

Some tools and Frameworks that is possible to test APIs:

This article was a brief introduction of RestFul APIs we will deep into more details during the next weeks. I hope this content will be useful for you and for any questions, just reach me out! 

Bisous, à la semaine prochain 💅🏼

Top comments (13)

Collapse
 
luiscarlosb3 profile image
Luis Carlos Galvão de Oliveira

using tests I've more confidence to delivery my tasks, It's not a guarantee for a software without bugs but it's certainly a way to reduce them

Collapse
 
mels profile image
Melina Schneider

wow! this is gonna save me! ahhaha thx

Collapse
 
nandosts profile image
Fernando Melo

The only frameworks for testing I used are Insomnia and Postman, I might take a look in those others... Great article! congrats

Collapse
 
marcelomagal profile image
oChefDev

How do you prioritize which types of tests to run when time and resources are limited, and could you provide a real-world example to illustrate your approach?

Collapse
 
m4rri4nne profile image
Alicia Marianne

My suggestion is to prioritize the main workflow of your API, after that, you can start to think in the other scenarios.

Collapse
 
sachajw profile image
Sacha Wharton

Fantastic series Alicia! Great job! Thank you for putting it together.

Collapse
 
canhassi profile image
Canhassi

Nice article

Collapse
 
cherryramatis profile image
Cherry Ramatis

loved the didactics really cool article congrats! I'm currently testing the usage of the playwright library for e2e testing (similar to cypress)

Collapse
 
samucadev profile image
SamucaDev

Really good article.

Collapse
 
lahefag profile image
Lais Fagundes

tão necessário! Arrasou na didática! Ansiosa pelos próximos!

Collapse
 
liyasthomas profile image
Liyas Thomas

If you'd like to try an online API development / testing platform - we're building Hoppscotch.io.

GitHub:

GitHub logo hoppscotch / hoppscotch

👽 Open source API development ecosystem - https://hoppscotch.io

Some comments have been hidden by the post's author - find out more